Protection of an iterative calculation

ABSTRACT

A calculation is performed on a first number and a second number. For each bit of the second number a first function is performed. The first function inputs include contents of a first register, contents of a second register and the first number. A result of the first function is placed in a third register. For each bit of the second number, a second function is performed which has as inputs contents of the third register and the contents of a selected one of the first and the second register according to a state of a current bit of the second number. A result of the second function is stored in the selected one of the first and second register.

BACKGROUND Technical Field

The present disclosure generally concerns electronic circuits, such as circuits executing iterative operations. The present disclosure more specifically relates to the protection of modular exponentiation calculations or of calculations on elliptic curves against attacks aiming at discovering quantities manipulated by such calculations.

Description of the Related Art

In many applications, electronic circuits implement algorithms of encryption, authentication, signature calculation, and more generally algorithms manipulating data, called secret, that is, the access to which is desired to be reserved to certain users or circuits. Among such algorithms, some use iterative operations. These may be modular exponentiations, for example, RSA-type algorithms, or products on elliptic curves, for example ECDH-type algorithms.

There exist many methods, called attacks, to attempt discovering or hacking secret data manipulated by such calculations. Among such attacks, so-called side channel attacks, use indirect information such as the power consumption of the circuit (SPA, DPA attacks), the electromagnetic radiation thereof, etc. The interpretation of such information gives the hacker information relative to the secret data.

Among side-channel attacks, one can in particular distinguish attacks called vertical and attacks called horizontal.

Vertical attacks, more particularly targeted by a first aspect of the present disclosure, comprise using the observation of information leaks measured during a plurality of executions using the same secret information by means of statistical tools and by time sampling.

Horizontal attacks, more particularly targeted by a second aspect of the present disclosure, comprise comparing segments originating from a same trace (for example, power consumption or radiation) with one another, to extract the secret information. They use a single execution trace. Data masking countermeasures, which are efficient against vertical side channel attacks, are generally not efficient against horizontal attacks.

BRIEF SUMMARY

An embodiment facilitates improving the protection against side-channel attacks on data manipulated by algorithms employing iterative steps.

An embodiment facilitates overcoming all or part of the disadvantages of usual methods and circuits of protection of data manipulated by algorithms against side-channel attacks.

An embodiment provides a method of protection of a calculation by an electronic circuit, which facilitates overcoming all or part of the disadvantages of usual methods.

An embodiment facilitates providing a calculation method efficient against vertical attacks.

An embodiment facilitates providing a calculation method efficient against horizontal attacks.

In an embodiment, a method of protecting a calculation on a first number and a second number, executed by an electronic circuit, successively comprises, for each bit of the second number:

-   -   performing a first operation with a first operator on the         contents of a first register and of a second register, and then         on the obtained intermediate result and the first number, and         placing the result in a third register; and     -   performing a second operation by submitting the content of the         third register to the first operator with the content of the         first or of the second register according to state “0” or “1” of         the current bit of the second number, and placing the result in         the first or second register.

According to an embodiment, the second register contains the result of the calculation.

According to an embodiment, the first and second registers are initialized with the neutral element of the first operator.

According to an embodiment, the first and second operations are performed modulo a third number.

According to an embodiment, the final content of the third register is compared with the result of a third operation submitting the first number to a second operator with number 2 raised to the power of the number of bits of the second number.

According to an embodiment, the calculation is a modular exponentiation of the first number by the second number.

According to an embodiment, the first operator is multiplication.

According to an embodiment, the second operator is the raising to a power.

According to an embodiment, the calculation is a multiplication of a point of an elliptic curve by a scalar.

According to an embodiment, the first operator is addition.

According to an embodiment, the second operator is multiplication.

An embodiment provides an electronic circuit configured to implement the protection method.

In an embodiment, a method comprises: performing, using an electronic device, a calculation on a first number and a second number; and protecting the performing of the calculation, wherein the method includes: successively for each bit of the second number: performing a first function, the first function using a first operator and having as inputs: contents of a first register, contents of a second register and the first number, and placing a result of the first function in a third register; performing a second function, the second function using the first operator and having as inputs: contents of the third register; and the contents of a selected one of the first and the second register according to a state of a current bit of the second number; and placing a result of the second function in the selected one of the first and second register. In an embodiment, the second register contains the result of the calculation. In an embodiment, the first and second registers are initialized with a neutral element of the first operator. In an embodiment, the first and second functions are performed modulo a third number. In an embodiment, the method comprises comparing contents of the third register with a result of a third function performed on the first number and number 2 raised to a power of a number of bits of the second number. In an embodiment, the calculation corresponds to a modular exponentiation of the first number by the second number. In an embodiment, the third function comprises raising to a power. In an embodiment, the first operator is a multiplication. In an embodiment, the calculation corresponds to a multiplication of a point of an elliptic curve by a scalar. In an embodiment, third function comprises multiplication. In an embodiment, the first operator is addition.

In an embodiment, a device comprises: a plurality of registers; and cryptographic circuitry, which, in operation, performs a calculation on a first number and a second number, wherein the performing the calculation includes: successively for each bit of the second number: performing a first function, with the first function using a first operator and having as inputs: contents of a first register, contents of a second register and the first number, and placing a result of the first function in a third register; performing a second function, the second function using a second operator and having as inputs: contents of the third register; and the contents of a selected one of the first and the second register according to a state of a current bit of the second number; and placing a result of the second function in the selected one of the first and second register. In an embodiment, the second register contains the result of the calculation. In an embodiment, the first and second registers are initialized with a neutral element of the first operator. In an embodiment, the first and second functions are performed modulo a third number. In an embodiment, the cryptographic circuitry, in operation, compares a final contents of the third register with a result of a third function performed on the first number and number 2 raised to a power of a number of bits of the second number. In an embodiment, the calculation corresponds to a modular exponentiation of the first number by the second number. In an embodiment, the third function comprises raising to a power. In an embodiment, the calculation corresponds to a multiplication of a point of an elliptic curve by a scalar. In an embodiment, the third function comprises multiplication.

In an embodiment, a non-transitory computer-readable medium's contents configure cryptographic circuitry to perform a calculation on a first number and a second number. The performing the calculation includes, successively for each bit of the second number: performing a first function, the first function using a first operator and having as inputs: contents of a first register, contents of a second register and the first number, and placing a result of the first function in a third register; performing a second function, the second function using the first operator and having as inputs: contents of the third register; and the contents of a selected one of the first and the second register according to a state of a current bit of the second number; and placing a result of the second function in the selected one of the first and second register. In an embodiment, the contents comprise instructions which, when executed, cause the cryptographic circuitry to perform the calculation. In an embodiment, the first and second functions are performed modulo a third number.

The foregoing and other example features and advantages of various embodiments will be discussed in detail in the following non-limiting description of specific embodiments in connection with the accompanying drawings.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

FIG. 1 schematically shows an embodiment of an electronic circuit;

FIG. 2 schematically shows an example of a modular exponentiation calculation;

FIG. 3 shows in the form of blocks an embodiment of a method of protecting a modular exponentiation calculation;

FIG. 4 shows in the form of blocks another embodiment of a method of protection of a modular exponentiation calculation;

FIG. 5 partially shows in the form of blocks another embodiment of a method of protection of a modular exponentiation calculation; and

FIG. 6 shows in the form of blocks an embodiment of a method of protection of a calculation on an elliptic curve.

DETAILED DESCRIPTION

The same elements have been designated with the same reference numerals in the different drawings, unless the context indicates otherwise. In particular, the structural and/or functional elements common to the different embodiments may be designated with the same reference numerals and may have identical structural, dimensional, and material properties.

For clarity, only those steps and elements which are useful to the understanding of the embodiments which will be described have been shown and will be detailed. In particular, the applications of the executed calculations or of the circuits executing them have not been detailed, the described embodiments being compatible with usual applications.

Unless otherwise specified, when reference is made to two elements connected together, this means directly connected with no intermediate element other than conductors, and when reference is made to two elements coupled together, this means that the two elements may be directly coupled (connected) or coupled via one or a plurality of other elements.

In the following description, expressions “approximately”, “substantially”, and “in the order of” mean to within 10%, preferably to within 5%.

FIG. 1 very schematically shows an electronic circuit 1 of the type to which the embodiments which will be described may apply.

Circuit 1 comprises:

-   -   a calculation entity 11 (UC), for example, a state machine, a         microprocessor, a programmable logic circuit, etc.;     -   one or a plurality of volatile and/or non-volatile storage areas         or memories 13 (MEM) for storing all or part of the data and         keys;     -   one or a plurality of data, address, and/or control buses 15         between the different elements internal to circuit 1 and an         input-output interface or circuit 17 (I/O) for communicating         with the outside of circuit 1.

Circuit 1 may include various other circuits according to the application, symbolized in FIG. 1 by a functional block or circuit 19 (FCT).

Iterative calculation operations, for example, modular exponentiation, can be found in many encryption algorithms, among which, for example, the algorithm known as RSA.

A modular exponentiation comprises calculating result C of the exponentiation of a number or message M by an exponent d (integer) modulo N, that is, applying formula:

C=M ^(d)(mod N).

Most often:

-   -   number M represents the number (or information representative of         the number) which is desired to be encrypted, authenticated,         signed, etc.; and     -   exponent d and modulo N (pair (d, N)) represent the encryption         key, the authentication key, the signature key, etc., (or         information representative of the key).

Iterative calculation operations can also be found in operations such as scalar multiplications on elliptic curves, which form another category of ciphering algorithms. A scalar multiplication comprises calculating result C of the multiplication of a point P of an elliptic curve by an integer d (scalar) modulo N, that is, applying formula:

C=d·P(mod N).

Most often:

-   -   point P represents the number (or information representative of         the number) which is desired to be encrypted, authenticated,         signed, etc.; and     -   scalar d and modulo N (pair (d, N)) represent the encryption         key, the authentication key, the signature key, etc., (or         information representative of the key).

As for a modular exponentiation, scalar multiplication on an elliptic curve by an electronic circuit (a state machine, a processor executing the method in the form of a program, a programmable logic circuit, etc.), for example, circuit 1, is most often performed in iterations, for example, on the bits of the scalar.

For simplification, various embodiments are described, by taking as an example an application to a modular exponentiation. The way to transpose these embodiments to a calculation on an elliptic curve is explained hereafter.

Reference is made to a modular exponentiation arbitrarily noted C=M^(d) (mod N), it being within the abilities of those skilled in the art to perform a transposition to the variables used according to the operation implanted in practice.

The calculation of the modular exponentiation by an electronic circuit (a state machine, a processor executing the method in the form of a program, a programmable logic circuit, etc.), for example, circuit 1, is generally performed by applying methods based on the use of a plurality of variables or registers and by performing iterative calculations on the bits of the exponent.

In the examples described hereafter, the calculation uses at least two registers of circuit 1, or two memory locations, arbitrarily noted R0 and R1, on which the operations will be performed.

For simplification, the registers and their contents will be confounded, that is, when reference is made to operations on the registers, this means on the contents thereof.

FIG. 2 shows, in the form of blocks, the steps of an example modular exponentiation calculation.

In a first step (block 20, R0=1; R1=M), register R0 is initialized to 1 and register R1 is loaded with number M. Exponent d is loaded into another register (not shown) or is located in the memory (d_(i) representing each bit of exponent d, where i designates the rank from 0 to n−1, n representing the exponent size).

A loop calculation on the bits of exponent d is then started. For example, a counter i is initialized to 0, representing the least significant bit (block 230, i=0) and is incremented by 1 (block 235, i=i+1) each time a bit d_(i) of the exponent is processed, as long as not all the bits have been processed (block 239, i=n−1?).

At each iteration, that is, for each bit d_(i) (successively from the least significant bit to the most significant bit), it is started by testing the value of the exponent bit (block 25, d_(i)=1?).

If current bit d_(i) is at 1 (output Y of block 25), the content of register R0 is multiplied, modulo N, by the content of register R1 and the result is placed in register R0 (block 251, R0=R0·R1 (mod N)).

Then, or if current bit d_(i) is equal to 0 (output N of block 25), the content of register R1 is squared, modulo N, and the result is placed in register R1 (block 26, R1=R1·R1 (mod N)).

As long as not all the bits of exponent d have been processed (output N of block 239), counter i is incremented (block 235, i=i+1) and it is returned to step 25 (d_(i)=1?). Once all the bits of exponent d have been processed (output Y of block 239), register R0 contains the result of the modular exponentiation (block 29, RETURN R0 (=M^(d) (mod N)), that is, value C=M^(d) (mod N).

The calculation illustrated in FIG. 2 may also be written as follows:

-   -   R0=1 (step 20)     -   R1=M (step 20)     -   For i=0 to n−1 (steps 230, 235, 239):         -   If d_(i)=1 (step 25)             -   R0=R0·R1 (mod N) (step 251)         -   R1=R1·R1 (mod N) (step 26)     -   End of loop (output Y of block 239)     -   Return R0 (step 29).

The calculation times can be balanced by performing the same number of operations whatever the state of the exponent bit. Thus, the duration of the calculation is independent from the state of the exponent bit.

According to the embodiments described hereafter, it is provided to systematically involve, for each exponent bit, a product of the content of the two registers R0 and R1, multiplied by message M. Then, this intermediate result (stored in a third register R) or a power of this intermediate result is multiplied by the content of one of registers R0 or R1 according to the state of the exponent bit.

FIG. 3 shows, in the form of blocks, the steps of an embodiment of a modular exponentiation calculation according to a first aspect.

In a first step (block 30, R0=1; R1=1), the two registers R0 and R1 are initialized to 1. Message M is loaded into another register (not shown) or is located in the memory. The same applies for modulo N. Exponent d is also loaded into another register (not shown) or is located in the memory (d_(i) representing each bit of exponent d, where i designates the rank from 0 to n−1, n representing the exponent size).

A loop calculation on the bits of exponent d is started. For example, a counter i is initialized to 0, representing the least significant bit (block 330, i=0) and is incremented by 1 (block 335, i=i+1) each time a bit d_(i) of the exponent is processed, as long as not all the bits have been processed (block 339, i=n-l?).

At each iteration, that is, for each bit d_(i) (successively from the least significant bit to the most significant bit), it is started (block 34, R=R0·R1·M (mod N)) by multiplying, modulo N, the content of register R0 by the content of register R1 and by message M, and the result is placed in a register R.

Then, the value of the exponent bit is tested (block 38, d_(i)=1?).

If current bit d_(i) is at 0 (output N of block 38), the content of register R0 is multiplied, modulo N, by the content of register R and the result is placed in register R0 (block 380, R0=R0·R (mod N)).

If current bit d_(i) is at 1 (output Y of block 38), the content of register R1 is multiplied, modulo N, by the content of register R and the result is placed in register R1 (block 381, R1=R1·R (mod N)).

As long as not all the bits of exponent d have been processed (output N of block 339), counter i is incremented (block 335, i=i+1) and it is returned to step 34. Once all the bits of exponent d have been processed (output Y of block 339), register R1 contains the result of the modular exponentiation, that is, value C=M^(d) (mod N).

According to a simplified embodiment, the content of register R1 is then returned to the application as the result (block 39, RETURN R1 (=M^(d) (mod N)).

According to another embodiment, before providing (block 39) the result, that is, at output “Y” of block 339, a step (block 35, R=M^(2{circumflex over ( )}n) (mod N)) of verification that the content of register R is equal to M raised to power 2{circumflex over ( )}n (to power 2 power n) is added. If the condition is respected (output Y of block 35), the result is returned. Otherwise (output N of block 35), the method generates an error (ERROR).

The calculation illustrated in FIG. 3 may also be written as follows:

-   -   R0=1 (step 30)     -   R1=1 (step 30)     -   For i=0 to n−1 (steps 330, 335, 339):         -   R=R0·R1·M (mod N) (step 34)         -   I_(f) d_(i)=1 (output Y of block 38)             -   R1=R1·R (mod N) (step 381)         -   Otherwise (output N of block 38)             -   R0=R0·R (mod N) (step 380)     -   End of loop (output Y of block 339)     -   (Option:     -   If R< >M^(2{circumflex over ( )}n) (mod N) (output N of block         35) Error)     -   Return R1 (step 39).

The method described in relation with FIG. 3 protects the calculation against vertical attacks by balancing the calculation times (the number of operations is independent from the state of the bits).

Further, the fact of using register R in addition to registers R0 and R1 improves the protection by ascertaining that not only the nature of the operation (multiplication) is the same in both cases, but also that one of the operands (the content of register R) intervenes whatever the state of the exponent bit.

Further, step 35 enables to detect a fault injection by bit state inversion during the calculation (safe-error attack). Indeed, if one of the operations has been disturbed by an inversion of the state of at least one bit, test 35 enables to detect it.

The protection can also be improved by introducing random numbers to mask input data M, d, and N at each execution.

The embodiment of FIG. 3 is efficient on vertical attacks, which compare a plurality of traces with the same input data. It however does not protect against horizontal attacks, since horizontal attacks use a single trace, and thus a single execution.

FIG. 4 shows, in the form of blocks, another embodiment of a method of protecting a modular exponentiation calculation.

According to this embodiment, the calculations are performed on windows (groups of consecutive bits of the exponent) of identical sizes. In other words, a size g of windows of consecutive bits is set and it is ascertained that the size of exponent d is dividable by g (that n is an integer multiple of g) or exponent d is transformed over n bits into a second larger exponent d′ (over m bits). Size m of exponent d′ is then selected to be a multiple k of size g of the groups or windows. Second exponent d′ is obtained by completing the original exponent d (or first exponent) with “0”s on the most significant bit side (bits from n to m−1, that is, from n to (k·g)−1). This amounts to obtaining second exponent d′ by concatenation of first exponent d and of bits at state “0”.

The case of an exponent d′ over m bits, with m greater than n, is considered hereafter, but all that is described transposes to an exponent d which is not enlarged, but which is dividable into an integer number of g-bit windows.

Thus, in a first step (block 40, R0=1; R1=1), the two registers R0 and R1 are initialized to 1. Message M is loaded into another register (not shown) or is located in the memory. The same applies for modulo N. Exponent d is also loaded into another register (not shown) or is located in the memory (d_(i) representing each bit of exponent d, where i designates the rank from 0 to n−1, n representing the original exponent size).

One selects (block 41, SELECT g; SELECT k) size g of the windows or bit groups, as well as multiplication coefficient k (integer) so that number m is a multiple of g. In the case where n is a multiple of g, k may be selected such that m=n=k·g.

Exponent d is then modified so that it comprises m bits, without modifying its value. In other words, exponent d is completed, on the most significant bit side from n to m−1, with “0”s (block 42, d′={{d_(i)=0}_(n) ^(m−1), {d_(i)}₀ ^(n−1)}) to obtain the modified exponent d′. Thus, i becomes the rank ranging from 0 to m−1.

A loop calculation over the k windows W_(q), with q ranging from 0 to k−1, is then started. For example, a counter q is initialized to 0 (block 470, q=0) and is incremented by 1 (block 475, q=q+1) for each processing of a window W as long as not all the windows have been processed (block 479, q=k−1?).

At each iteration, that is, for each window W_(q), it is started (block 44, R=R0·R1·M (mod N)) by multiplying, modulo N, the content of register R0 by the content of register R1 and by message M, and the result is placed in a register R.

Then, a set of power of the content of register R is precomputed. This corresponds to compute and to store a table of values representing powers 2^(a) of the content of register R (block 8, {R^(2{circumflex over ( )}a))}) with a ranking from 0 to g−1 (g representing the size of the windows in number of bits). The g resulting values of power of R are stored, for example, in a set of registers.

A loop calculation is then performed on bits d_(i) (of exponent d′) of the current window W_(q). For example, a counter j is initialized to 0 (block 430, j=0) and is incremented by 1 (block 435, j=j+1) for each processing of a bit of the exponent as long as not all the bits d_(j+(q·g)) of window W_(q) have been processed (block 439, j=g−1?).

At each iteration, that is, for each bit d_(i) (successively from the least significant bit d_((q·g)) to the most significant bit d_((q+1)·g−1) or d_(g−1+(q·g)) of the window), it is started by testing the value of bit d_(i) (with i=j+(q·g)) of the exponent (block 48, d_(j+(q·g))=1?).

If current bit d_(j+(q·g)) is at 0 (output N of block 48), the content of register R0 is multiplied, modulo N, by the content of the register containing R raised to power 2^(j) (or 2{circumflex over ( )}j), and the result is placed in register R0 (block 480, R0=R0. R^(2{circumflex over ( )}j) (mod N)).

If current bit d_(j+(q·g)) is at 1 (output Y of block 48), the content of register R1 is multiplied, modulo N, by the content of the register containing R raised to power 2^(j) (or 2{circumflex over ( )}j), and the result is placed in register R1 (block 481, R1=R1·R^(2{circumflex over ( )}j) (mod N)).

Thus, the calculation takes into account the index of the bit in the window.

It should be noted that, before processing the bits of each window, the set of powers of R of the concerned window are computed and stored, for example, in a set of registers.

As long as not all the bits of window W_(q) have been processed (output N of block 439), counter j is incremented (block 435, j=j+1) and it is returned to step 48. Once all the bits of window W_(q) have been processed (output Y of block 439), it is proceeded to the next window.

Thus, as long as not all windows W_(q) have been processed (output N of block 479), counter q is incremented (block 475, q=q+1) and it is returned to step 44. Once all windows W_(q), and thus all the bits of exponent d′, have been processed (output Y of block 479), register R1 contains the result of the modular exponentiation (block 49, RETURN R1 (=M^(d) (mod N)), that is, value C=M^(d) (mod N).

The calculation illustrated in FIG. 4 may also be written as follows:

-   -   R0=1 (step 40)     -   R1=1 (step 40)     -   Select g, select k (step 41)     -   d′={{d_(i)=0}_(n) ^(m−1), {d_(i)}₀ ^(n−1)} (step 42)     -   For q=0 to k−1 (steps 470, 475, 479):         -   R=R0·R1·M (mod N) (step 44)         -   Compute {R² ^(a) }₀ ^(g−1) (step 8)         -   For j=0 to g−1 (steps 430, 435, 439):             -   If d_(j+(q·g))=1 (output Y of step 48)                 -   R1=R1·R^(2{circumflex over ( )}j) (mod N) (step 481)             -   Otherwise (output N of step 48)                 -   R0=R0·R^(2{circumflex over ( )}j) (mod N) (step 480)         -   End of loop (output Y of block 439)     -   End of loop (output Y of block 479)     -   Return R1 (step 39).

Another way of writing this calculation is:

-   -   Select g     -   Select m such that m/g is an integer (k)     -   d′{{d_(i)=0}_(n) ^(m−1), {d_(i)}₀ ^(n−1)}     -   R0=1     -   R1=1     -   For q=0 to k−1:         -   W=[d_(q·g), d_((q·g)+1), . . . , d_(((q+1)·g)−1)]         -   R=R0·R1·M (mod N)         -   Compute {R² ^(a) }₀ ^(g−1)         -   For j=0 to g−1:             -   R_(W[j])=R_(W[j])·R^(2{circumflex over ( )}j), where                 W[j] represents the bit of rank j in window W, and thus                 bit d_(j+(q·g)) of exponent d′.

This embodiment is resistant against vertical attacks and respects a same number of operations whatever the state of the processed bit, as well as the use of a same register (R) as an operand for each iteration, whatever the state of the exponent bit.

As a variation, the final test (step 35, FIG. 3) may also be introduced to detect a fault injection.

The order of steps 40 and 41, 42, is of no importance (it can be started by defining the windows and generating exponent d′, before initializing registers R0 and R1).

Similarly, the order in which the bits are processed within each window is of no importance.

According to the embodiment illustrated in FIG. 4, the bits of the current window are processed sequentially. They may also be processed in the reverse order.

According to another embodiment, the bits of the current window are processed in a random order.

According to another embodiment, a defined permutation (circular or not) of the exponent bits is performed in each window. Such a permutation may be the same for all windows or may be different from one window to another.

This amounts to adding, before step 430, a step performing a permutation s of the positions (or weight) of the g bits of the current window and taking into account, in steps 480 and 481, the rank of the bit resulting from such a permutation.

The embodiment described in relation with FIG. 4 is resistant against horizontal attacks. Indeed, the processing of the exponent in bit windows makes it more difficult to use the single trace in the context of a horizontal attack. In particular, the index of the exponent bit is directly involved in the calculation. The protection is improved by processing the bits within the windows in a different order than their order in the exponent.

FIG. 5 shows the steps of the loop on the bits of each window (replacing steps 430, 48, 480, 481, 435, and 439) according to this embodiment, the other steps being unchanged with respect to the embodiment of FIG. 4.

After step 44 (FIG. 4), a permutation s of the bits d_(i) of the current window W_(q) is carried out (block 56, {d_(i)}_(n,n) ^(((q+1)·g)−1)→{d_(s(i))}^(((q+1)·g)−1)). For example, permutation s is a circular permutation. According to another example, permutation s is a random permutation.

Before processing the bits of each window, the set {R² ^(a) }₀ ^(g−1) of powers of R of the concerned window are computed and stored.

A loop calculation is then always performed on bits d_(s(i)) (of exponent d′) of the current window W_(q). Taking the same example as in FIG. 4, a counter j is initialized to 0 (block 530, j=0) and is incremented by 1 (block 535, j=j+1) for each processing of a bit of the exponent, as long as not all the bits d_(j+(q·g)) of window W_(q) have been processed (block 539, j=g−1?). However, the bits of the window are here processed in the order resulting from permutation s.

At each iteration within the window, that is, for each bit d_(s(i)), with s(i)=j+(q·g), it is started by testing the value of bit d_(j+(q·g)) of the exponent (block 58, d_(j+(q·g))=1?).

If current bit d_(j+(q·g)) is at 0 (output N of block 58), the content of register R0 is multiplied, modulo N, by the content of the register containing R raised to power 2^(j) (or 2{circumflex over ( )}j), and the result is placed in register R0 (block 580, R0=R0·R^(2{circumflex over ( )}j) (mod N)).

If current bit d^(j+(q·g)) is at 1 (output Y of block 58), the content of register R1 is multiplied, modulo N, by the content of the register containing R raised to power 2^(j) (or 2{circumflex over ( )}j), and the result is placed in register R1 (block 581, R1=R1·R^(2{circumflex over ( )}j) (mod N)).

As long as not all the bits of window W_(q) have been processed (output N of block 539), counter j is incremented (block 535, j=j+1) and it is returned to step 58. Once all the bits of window W_(q) have been processed (output Y of block 539), it is proceeded to the next window (block 479, FIG. 4), as long as the windows have not all been processed.

It should be noted that the calculation of the permutation can be performed on the fly, that is, in loop 53. In this case, step 56 is omitted and index j of loop 53 is replaced with s(j).

The calculation illustrated in FIG. 5 may also be written as follows:

-   -   R0=1 (step 40)     -   R1=1 (step 40)     -   Select g, select k (step 41)     -   d′{d_(i)=0)_(n) ^(m−1), {d_(i)}₀ ^(n−1)} (step 42)     -   For q=0 to k−1 (steps 470, 475, 479):         -   R=R0·R1·M (mod N) (step 44)         -   {d_(i)}_(n,n) ^(((q+1)·g)−1)→{d_(s(i))}^(((q+1)·g)−1) (step             56)         -   Compute {R² ^(a) }₀ ^(g−1) (step 8)         -   For j=0 to g−1 (steps 530, 535, 539):             -   If d_(j+(q·g))=1 (output Y of step 58)                 -   R1=R1·R2{circumflex over ( )}j (mod N) (step 581)             -   Otherwise (output N of step 58)                 -   R0=R0·R^(2{circumflex over ( )}j) (mod N) (step 580)         -   End of loop (output Y of block 539)     -   End of loop (output Y of block 479)     -   Return R1 (step 49).

Another way of writing this calculation is:

-   -   Select g     -   Select m such that m/g is an integer (k)     -   d′={d_(i)=0)_(n) ^(m−1), {d_(i)}₀ ^(n−1)}     -   R0=1     -   R1=1     -   For q=0 to k-l:         -   W=[d_(q·g), d_((q·g)+1), . . . , d_(((q+1)·g)−1)]         -   R=R0·R1·M (mod N)         -   Compute {R² ^(a) }₀ ^(g−1)         -   s=permutation in W         -   For j=0 to g−1:             -   R_(W[s(j)])=R_(W[s(j)])·R^(2{circumflex over ( )}s(j)),                 where W[s(j)] represents the bit of rank s(j) of window                 W.

The embodiments illustrated in relation with FIGS. 3 to 5 can be transposed to another type of iterative calculation used in cryptography, that is, products on elliptic curves.

FIG. 6 shows, in the form of blocks, an embodiment of a method of protection of a calculation on an elliptic curve, using the embodiment of FIG. 5.

For simplification, it is not specified for each operation that it is a modular operation, but all the operations of FIG. 6 are also performed modulo N.

In the same way as for a modular exponentiation, the calculations are performed on windows (groups of consecutive bits of the exponent) of identical sizes (g bits) and scalar d is completed, if need be, with Os on the most significant bit side.

The case of a scalar d′ over m bits, with m greater than n, is considered hereafter but all that is described transposes to a scalar d which is not enlarged, but which is dividable into an integer number of g-bit windows.

In a first step (block 60, R0=Ø; R1=Ø), both registers R0 and R1 are initialized to Ø, which represents the neutral element of the elliptic curve. Point P is loaded into another register (not shown) or is located in the memory. The same applies for modulo N. Scalar d is also loaded into another register (not shown) or is located in the memory (d_(i) representing each bit of scalar d, where i designates the rank from 0 to n−1, n representing the original size of scalar d).

One selects (block 61, SELECT g; SELECT k), size g of the windows or bit groups, as well as multiplication coefficient k (integer) so that number m is a multiple of g. In the case where n is a multiple of g, k may be selected such that m=n=k·g.

Number d is then modified so that it comprises m bits, without modifying its value. In other words, number d is completed on the most significant bit side from n to m−1 with “0”s (block 62, d′={{d_(i)=0}_(n) ^(m−1), {d_(i)}₀ ^(n−1)}) to obtain modified scalar d′. Thus, i becomes the rank ranging from 0 to m.

A loop calculation over the k windows W_(q), with q ranging from 0 to k−1, is then started. For example, a counter q is initialized to 0 (block 670, q=0) and is incremented by 1 (block 675, q=q+1) for each processing of a window as long as not all the windows have been processed (block 679, q=k−1?).

For each iteration, that is, for each window W_(q), it is started (block 64, R=(R0+R1)+P) by adding the contents of registers R0 and R1, and point P is added to the obtained result. The result is placed in a register R.

Before processing the bits of each window, the set {R² ^(a) }₀ ^(g−1) of powers of R for the concerned window are computed and stored.

It is assumed that a permutation of the bits of the scalar is applied within each window. FIG. 6 illustrates the variation according to which the permutation is calculated on the fly for each bit, and no longer in advance as was the case for FIG. 5. Thus, a permutation s, for example, circular, random, or other, is defined (block 66, s=PERM{d_(i)}_(n,n) ^(((q+1)·g)−1)).

A loop calculation is then performed on bits d_(i) of the current window W_(q). For example, a counter j is initialized to 0 (block 630, j=0) and is incremented by 1 (block 635, j=j+1) for each processing of a bit of the window, as long as not all the bits of window W_(q) have been processed (block 639, j=g−1?).

At each iteration, that is, for each bit d_(s(j+(q·g))), it is started by testing the value of the bit of the scalar (block 68, d_(s(j+(q·g)))=1?).

If the current bit is 0 (output N of block 68), the content of the register containing R multiplied by 2 raised to power s(j) (2^(s(j)) or 2{circumflex over ( )}s(j) is added to the content of register R0 and the result of the addition is placed in register R0 (block 680, R0=R0+R·2^(s(j))).

If the current bit is 1 (output Y of block 68), the content of the register containing R multiplied by 2 raised to power s(j) (2^(s(j)) or 2{circumflex over ( )}s(j) is added to the content of register R1 and the result of the addition is placed in register R1 (block 681, R1=R1+R·2^(s(j))).

As long as not all the bits of window W_(q) have been processed (output N of block 639), counter j is incremented (block 635, j=j+1) and it is returned to step 68. Once all the bits of window W_(q) have been processed (output Y of block 639), it is proceeded to the next window.

Thus, as long as not all windows W_(q) have been processed (output N of block 679), counter q is incremented (block 675, q=q+1) and it is returned to step 64. Once all windows W_(q), and thus all the bits of exponent d′, have been processed (output Y of block 679), register R1 contains the result of the multiplication on an elliptic curve (block 69, RETURN R1 (=d·P), that is, value C=d·P (mod N).

The calculation illustrated in FIG. 6 may also be written as follows:

-   -   R0=Ø (step 60)     -   R1=Ø (step 60)     -   Select g, select k (step 61)     -   d′={{d_(i)=0}_(n) ^(m−1), {d_(i)}₀ ^(n−1)} (step 62)     -   For q=0 to k−1 (steps 670, 675, 679):         -   R=(R0+R1)+P (step 64)         -   Compute {R² ^(a) }₀ ^(g−1) (step 8)         -   S=PERM{d_(i)}_(n,n) ^(((q+1)·g)−1) (step 66)         -   For j=0 to g−1 (steps 630, 635, 639):             -   If d_(s(j+(q·g)))=1 (output Y of step 68)                 -   R1=R1+R·2^(s+(j+(q·g))) (step 681)             -   Otherwise (output N of step 68)                 -   R0=R0+R·2^(s(j+(q·g))) (step 680)         -   End of loop (output Y of block 639)     -   End of loop (output Y of block 679)     -   Return R1 (step 69).

Another way of writing this calculation is:

-   -   Select g     -   Select m such that m/g is an integer (k)     -   d′{{d_(i)=0}_(n) ^(m−1), {d_(i)}₀ ^(n−1)}     -   R0=Ø     -   R1=Ø     -   For q=0 to k−1:         -   W=[d_(q·g), d_((q·g)+1), . . . , d_(((q+1)·g)−1)]         -   R=(R0+R1)+P         -   Compute {R² ^(a) }₀ ^(g−1)         -   S=PERM{d_(i)}_(n,n) ^(((q+1)·g)−1)

For j=0 to g−1:

-   -    R_(W[s(j)])=R_(W[s(j)])+R·2^(s(j)), where W[_(s(j))] represents         the bit of rank j of window W, and thus bit d_(s(j+(p·g))) of         scalar d′.

Although the example applied to elliptic curves has been described in relation with an embodiment equivalent to that of FIG. 5 of the modular exponentiation, the embodiments of FIGS. 3 and 4 similarly transpose to calculations on elliptic curves.

Further, the protection of the calculation on elliptic curves may also be reinforced by a protection against fault injection by interposing, before supplying the result, a verification step equivalent to step 35 (FIG. 3). In this case, it is verified that the content of register R is equal to 2^(n)·P (mod N).

More generally, according to the described embodiments, to submit a first number (message M for modular exponentiation, the point of an elliptic curve) to an iterative calculation with a second number (the exponent for modular exponentiation, the scalar for elliptic curves), an operation is provided with a first operator (multiplication for modular exponentiation, addition for elliptic curves) on the content of the two registers R0 and R1, and then on the intermediate result and the first number. The result of this operation is placed in register R.

Then, the result of the previous operation (stored in register R) is submitted to a second operator (raising to a power for modular exponentiation, multiplication for elliptic curves) with a function of the rank of the current bit of the second number, and is then submitted to the first operator with the content of one of registers R0 or R1 according to the state of the bit of the second number.

In the embodiment of FIG. 3, the first operation is performed for each bit of the second number.

In the embodiments of FIGS. 4 to 6, the second number is divided into windows or groups of bits and the first operation is performed once per window of bits of the second number.

Specific embodiments have been described. Various alterations, modifications, and improvements will occur to those skilled in the art. In particular, the selection of the size of the windows and of the length of exponent d′ depends on the application and on the acceptable calculation time.

Such alterations, modifications, and improvements are intended to be part of this disclosure, and are intended to be within the spirit and the scope of the present disclosure. Accordingly, the foregoing description is by way of example only and is not intended to be limiting. The present disclosure is limited only as defined in the following claims and the equivalents thereto.

Some embodiments may take the form of or comprise computer program products. For example, according to one embodiment there is provided a computer readable medium comprising a computer program adapted to perform one or more of the methods or functions described above. The medium may be a physical storage medium, such as for example a Read Only Memory (ROM) chip, or a disk such as a Digital Versatile Disk (DVD-ROM), Compact Disk (CD-ROM), a hard disk, a memory, a network, or a portable media article to be read by an appropriate drive or via an appropriate connection, including as encoded in one or more barcodes or other related codes stored on one or more such computer-readable mediums and being readable by an appropriate reader device.

Furthermore, in some embodiments, some or all of the methods and/or functionality may be implemented or provided in other manners, such as at least partially in firmware and/or hardware, including, but not limited to, one or more application-specific integrated circuits (ASICs), digital signal processors, discrete circuitry, logic gates, standard integrated circuits, controllers (e.g., by executing appropriate instructions, and including microcontrollers and/or embedded controllers), field-programmable gate arrays (FPGAs), complex programmable logic devices (CPLDs), etc., as well as devices that employ RFID technology, and various combinations thereof.

The various embodiments described above can be combined to provide further embodiments. Aspects of the embodiments can be modified, if necessary to employ concepts of the various patents, applications and publications to provide yet further embodiments.

These and other changes can be made to the embodiments in light of the above-detailed description. In general, in the following claims, the terms used should not be construed to limit the claims to the specific embodiments disclosed in the specification and the claims, but should be construed to include all possible embodiments along with the full scope of equivalents to which such claims are entitled. Accordingly, the claims are not limited by the disclosure. 

1. A method, comprising: performing, using an electronic device, a calculation on a first number and a second number; and protecting the performing of the calculation, wherein the method includes: successively for each bit of the second number: performing a first function, the first function using a first operator and having as inputs: contents of a first register, contents of a second register and the first number, and placing a result of the first function in a third register; performing a second function, the second function using the first operator and having as inputs: contents of the third register; and the contents of a selected one of the first and the second register according to a state of a current bit of the second number; and placing a result of the second function in the selected one of the first and second register.
 2. The method of claim 1 wherein the second register contains the result of the calculation.
 3. The method of claim 1 wherein the first and second registers are initialized with a neutral element of the first operator.
 4. The method of claim 1 wherein the first and second functions are performed modulo a third number.
 5. The method of claim 1, comprising comparing contents of the third register with a result of a third function performed on the first number and number 2 raised to a power of a number of bits of the second number.
 6. The method of claim 1 wherein the calculation corresponds to a modular exponentiation of the first number by the second number.
 7. The method of claim 5 wherein the third function comprises raising to a power.
 8. The method of claim 1 wherein the first operator is a multiplication.
 9. The method of claim 1 wherein the calculation corresponds to a multiplication of a point of an elliptic curve by a scalar.
 10. The method of claim 5 wherein the third function comprises multiplication.
 11. The method of claim 9 wherein the first operator is addition.
 12. A device, comprising: a plurality of registers; and cryptographic circuitry, which, in operation, performs a calculation on a first number and a second number, wherein the performing the calculation includes: successively for each bit of the second number: performing a first function, with the first function using a first operator and having as inputs: contents of a first register, contents of a second register and the first number, and placing a result of the first function in a third register; performing a second function, the second function using a second operator and having as inputs: contents of the third register; and the contents of a selected one of the first and the second register according to a state of a current bit of the second number; and placing a result of the second function in the selected one of the first and second register.
 13. The device of claim 12 wherein the second register contains the result of the calculation.
 14. The device of claim 12 wherein the first and second registers are initialized with a neutral element of the first operator.
 15. The device of claim 12 wherein the first and second functions are performed modulo a third number.
 16. The device of claim 12 wherein the cryptographic circuitry, in operation, compares a final contents of the third register with a result of a third function performed on the first number and number 2 raised to a power of a number of bits of the second number.
 17. The device of claim 12 wherein the calculation corresponds to a modular exponentiation of the first number by the second number.
 18. The device of claim 16 wherein the third function comprises raising to a power.
 19. The device of claim 12 wherein the calculation corresponds to a multiplication of a point of an elliptic curve by a scalar.
 20. The device of claim 16 wherein the third function comprises multiplication.
 21. A non-transitory computer-readable medium having contents which configure cryptographic circuitry to perform a calculation on a first number and a second number, the performing the calculation including: successively for each bit of the second number: performing a first function, the first function using a first operator and having as inputs: contents of a first register, contents of a second register and the first number, and placing a result of the first function in a third register; performing a second function, the second function using the first operator and having as inputs: contents of the third register; and the contents of a selected one of the first and the second register according to a state of a current bit of the second number; and placing a result of the second function in the selected one of the first and second register.
 22. The non-transitory computer-readable medium of claim 21 wherein the contents comprise instructions which, when executed, cause the cryptographic circuitry to perform the calculation.
 23. The non-transitory computer-readable medium of claim 21 wherein the first and second functions are performed modulo a third number. 